A new way to look at fraud… and prevent it.

It’s not all about that face when it comes to fighting fraud on a large scale. Cracking down on individuals can work to prevent soft fraud—a policyholder, for example, claiming a two-year-old dent came from yesterday’s fender bender. But it isn’t effective in detecting and preventing hard fraud.

John Lorimer, vice-president of analytics fraud development at LexisNexis in Alpharetta, Georgia, says those acts are premeditated, collusive and “may be committed by rings or organizations that frankly are in the business to create fraud.” In 2012, for example, Project Whiplash in Ontario cracked down on a staged car crash scheme involving at least 37 people and several million dollars.

To ferret out fraud rings, firms must look to their devices that “are often being used in an office setting by multiple people working shifts to carry out diverse kinds of fraud,” says Scott Waddell, chief technology officer at Iovation, a Portland company offering device-based anti-fraud products.

The computers, tablets and cell phones linked to fraudulent activity are likely to be involved in defrauding companies in other industries “because that’s just a natural behavior profile for the bad guys.” Fraudsters will “shotgun out there across those businesses when they have stolen identity credentials that can be used for opening up fraudulent accounts and quotes and claims with insurance [companies].” They can also use those accounts “to fraudulently apply for credit, or leverage for bogus retail transactions.”

Lorimer points out that fraud detection is “really more about the transaction than it is about the person.” An insurance quote request coming from an IP address previously linked to banking fraud might not lead to the perpetrator “but that’s still a connectivity that you want to take a look at.”

A 2015 LexisNexis study discovered that 84 percent of businesses encounter fraud from other industries, so info-sharing between insurers, while helpful, can only go so far. To fill that gap, companies such as LexisNexis and Iovation have created databases in which they crunch clients’ fraud stats and share the normalized information to all contributors. That way, clients can screen claims and quote requests and know which are connected to fraudulent incidents at other companies.

These networks mean “you’re not just able to say, ‘Hey, I recognize this device as one that’s hurt me before,’ but instead, ‘I recognize this device as one that’s hurt another insurance vendor or an aggregator or a bank or a retailer,’” says Waddell. Based on that, “I’m going to increase the scrutiny that I place on that transaction, or I’m going to reject it outright. That can materially impact my fraud catch.”

Other than IP addresses linked to previous fraud, the databases pick up on physical addresses tied to fraud and IP addresses linked to dozens of quote requests or claims in short order, a data point Waddell calls velocity. “You know, your grandmother doesn’t do that through her iPad, right? That’s the kind of stuff that sticks out like a sore thumb.” Geographical mismatches can also be suspicious—a domestic American bank shouldn’t have requests originating from east Africa. Plus, “the newer a device is to an account, the more likely it is to be something like an account takeover scenario.”

The LexisNexis database is called the Fraud Defense Network, and includes data from American companies in industries such as insurance, healthcare, retail, banking and communications (it’s not yet available in Canada). One of the major challenges in running the network, says Lorimer, is determining the reliability of each fraud submission. A criminal case may look airtight but insurers often drop a fraudulent claim after denying it because of the difficulty in getting a conviction. “…That saves the insurance company money, but those same fraudsters will then turn around and do the same thing again to another insurer… So not having visibility into what these kinds of individuals are doing more broadly ultimately works against the ability to mitigate fraud.”

A claim an insurer found fraudulent and denied but didn’t pursue in court “doesn’t reach the bar of proven but it still has weight and it still has value,” says Lorimer. LexisNexis summarizes all the information it receives from the Fraud Defense Network participants, weighting some data more heavily than others, so its clients can decide how to proceed.

The Frankenstein ID

The network also differentiates between identity theft—where companies might have the name of the fraud victim, not the fraudster—and perpetrator fraud, where the culprit uses their own information. In the former, says Lorimer, companies need to proceed carefully and avoid accusing victims of defrauding them.

Then there are those who steal a name from one person, swipe an address from another and pull a phone number out of thin air. Armed with such “a Frankenstein of identity elements,” Waddell notes, fraudsters request quotes in the hopes of buying cheap policies and quickly filing claims. And in some districts, it’s very difficult for insurers to deny policy applications.

Ontario, for instance, has a take-all-comers rule, in which insurers must sell policies to all who meets their underwriting criteria. So, says IBAO chair Michael Brattman, if an insurer has filed a rule saying it will only cover drivers with two convictions in the past year, it doesn’t matter how suspicious a potential customer seems. “At the end of the day, the rules are filed and… you can, as a consumer or broker, say, ‘Sorry, those are your rules.’ They have to accept you.”

A benefit of a cross-industry fraud network, Waddell says, is it frees insurers from such regulatory constraints. If an insurer “can concretely tie [a quote request] to fraud, they can filter a lot of those out at the front door,” and explain to regulators they’re denying requests based on non-discriminatory metrics suggesting those customers will defraud them.

Screening clients through cross-industry data sharing networks can also help speed up transaction times for legitimate customers.

“Oftentimes in insurance there is a push, both on the policy side and on the claims side, for fast process,” Lorimer says. “And that’s kind of the name of the game in business in general. Everybody wants things fast… I don’t want to wait two days or talk to an agent.” As companies process claims more quickly, there’s a greater chance they will make a mistake. The networks ease their burden by performing the initial screen and separating claims into approve, deny and investigate tracks.

Furthermore, networks can also predict when a customer follows the rules, Waddell says, which lets companies take more risks with honest customers and generate more revenue.

“So now you’re not just tapping into the loss prevention side of the business, which is traditionally where we’ve played on the fraud mitigation piece. But you’re actually helping them improve the flow and the experience for the good guys, so that it begins to accrue to the revenue generation side of the business.”

What the broker brings

Brokers get their time to shine when detecting and preventing soft fraud, which begins with what IBAO’s Brattman calls upfront underwriting.

Brattman, who is also a partner at Erb and Erb Insurance Brokers in Kitchener, Ont., keeps an eye out for potential clients who supply a Kitchener address but a Toronto area code, a clue they’re trying to take advantage of cheaper premiums outside the city. As a first step, Brattman would request a copy of their vehicle registration, driver’s licence or a hydro bill to verify their mailing address. “So whether that’d fraud or misrepresentation,” he says, “that’s what we do as brokers is make sure we’re asking the right questions up front.”

If the client’s address doesn’t check out, Brattman sets up a face-to-face meeting to explain the importance of accurate representation. “It’s not that we’re implying or accusing. It’s informing and educating that in the event of a claim, if something isn’t the way you say it is, that will be something that we’ll look at.”

But unlike insurers, brokers are not bound by the take-all-comers rule. If a potential customer gets evasive and refuses to provide more details or meet in person, a broker can decline to work with them. “You want to make sure there’s a right fit for your brokerage,” Brattman says diplomatically.

Other brokers have more cut-and-dry rules. “If I receive a call from somebody who has a past fraud case as a criminal case, if it’s general fraud, I will do something for the insured,” says Patrick Bouchard, chair of the Quebec broker association RCCAQ and president of Bouchard & Associés Solutions d’Assurances in Quebec City. “But if it’s fraud against an insurance company, for sure, for the rest of my life, I will not insure the guy.”

To ensure new clients aren’t asking for immediate auto insurance so they can claim an accident that already occurred, Bouchard has them email pictures of the vehicle to him or, better yet, drive by the brokerage so he can check for damages.

But the rise of online quoting systems and app-based insurance sales means it’s harder for brokers to develop relationships with customers and get a read on them—or get a look at their car.

“So the more distant you are from the individual you’re dealing with, there’s more of a risk they may not be what they seem to be,” says David Stewart, partner, strategic analytics and modelling, financial crimes at Deloitte in Toronto. “That’s part of the challenge. It’s that we live in such a fastpaced society now that we don’t do a lot of the traditional validations that we would historically do in business because time is of the essence.”

It becomes trickier still when you suspect a client is submitting a fraudulent claim. Brattman suggests taking detailed notes, recording phone conversations and again, talking—preferably in person—to clients about the importance of telling the entire story. “It’s always making sure that we’re advocating on behalf of our client but also informing them that if this happens, the result will be potentially a denial of the claim.”